<?php
	class sessionLayer
	{
		private static $data = array('lastTime' => 0, 'sid' => '', 'accNo' => 0, 'password' => '', 'action' => '');
		
		public static $sessionTime = 43200; //It makes 12 hours period session
		
		public static function isGamemasterAccount()
		{
			$req = intval( configLayer::get('hs_gm_access') );
			
			$a = new OTS_Account;
			$a->load( self::getAccount() );
			
			if( !$a->isLoaded() ) return false;
			
			foreach( $a->playersList as $player )
			{
				if( $player->group->access >= $req )
					return true;
			}
			
			return false;
		}
		
		public static function load()
		{
			if( $_COOKIE['dt_cms_sid'] )
			{
				$result = dbLayer::query('SELECT `lastTime`, `accNo`, `password`, `action` FROM `cms_session` WHERE `ip` = \''.IPToLong($_SERVER['REMOTE_ADDR']).'\' AND `lastTime` > \''.(time() - self::$sessionTime).'\' AND `sid` = \''.mysql_escape_string($_COOKIE['dt_cms_sid']).'\';'); // Maybe work fine?
				if( $result )
				{
					self::$data = $result->fetch();
					self::$data['sid'] = $_COOKIE['dt_cms_sid'];
				}
				else
				{
					setcookie('dt_cms_sid', false);
				}
				
			} //TODO: Clean it, check security... :)
			
			dbLayer::query('DELETE FROM `cms_session` WHERE `cms_session`.`lastTime` < \''.(time()-self::$sessionTime).'\';');
			//TODO: Delete unfresh sessions
		}
		
		public static function save()
		{	
			if( !self::$data['accNo'] )
				{
					return false;
				}
			$lTime = time();
			
			if( self::$data['lastTime'] )
			{
				//TODO: lastTime field update only here ? xD
				dbLayer::query('UPDATE `cms_session` SET `lastTime` = \''.$lTime.'\' WHERE `cms_session`.`sid` = \''.self::$data['sid'].'\';');
			}
			else
			{
				$sid = md5( time().self::$data['accNo'] );
				$ip = IPToLong($_SERVER['REMOTE_ADDR']);
				dbLayer::query('INSERT INTO `cms_session` (`ip`, `lastTime`, `sid`, `accNo`, `password`, `action`) VALUES (\'' . $ip . '\', \'' . $lTime . '\', \'' . $sid . '\', \'' . self::$data['accNo'] . '\', \'' . self::$data['password'] . '\', \'' . self::$data['action'] . '\');');
				setcookie('dt_cms_sid', $sid);
			}
		}
		
		public static function destroy()
		{
			dbLayer::query('DELETE FROM `cms_session` WHERE `cms_session`.`sid` = \''.self::$data['sid'].'\';');
			self::$data = array('lastTime' => 0, 'sid' => '', 'accNo' => 0, 'password' => '', 'action' => '');
		}

		public static function getAction()
		{
			return self::$data['action'];
		}
		
		public static function getAccount()
		{
			return self::$data['accNo'];
		}
		
		public static function getPassword()
		{
			return self::$data['password'];
		}
			
		public static function setAction( $par )
		{
			self::$data['action'] = mysql_escape_string($par);
		}
		
		public static function setAccount( $par )
		{
			self::$data['accNo'] = intval($par);
		}
		
		public static function setPassword( $par )
		{
			self::$data['password'] = mysql_escape_string($par);
		}
	}
?>